Auto-Update: 2023-12-28T15:00:24.769192+00:00

cad-safe-bot 2023-12-28 15:00:28 +00:00
parent a87f5e3e2d
commit 4ef21c8cbd
34 changed files with 1633 additions and 173 deletions


@ -2,8 +2,8 @@
"id": "CVE-2022-46705",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-02-27T20:15:12.820",
"lastModified": "2023-11-15T21:15:07.583",
"vulnStatus": "Modified",
"lastModified": "2023-12-28T14:48:17.850",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -62,20 +62,46 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.2",
"matchCriteriaId": "C5892A8E-3D71-4ED7-ABFC-973DE74C2AD7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.2",
"matchCriteriaId": "89495791-675B-413C-A86D-ECBADF4EDC4E"
"matchCriteriaId": "12BFE943-4D00-44E4-9F1E-138547AAC79D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.2",
"matchCriteriaId": "2B03CFDD-AC66-4B07-A8CB-E026FCB8A1AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.2",
"matchCriteriaId": "6B1B6657-43F5-4F0E-BE5C-5D828DEE066F"
"matchCriteriaId": "6B7ED32C-BCF6-4BE8-8013-43D46507722E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.1",
"matchCriteriaId": "D7457023-5C4E-4935-826D-A411B0324092"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.2",
"matchCriteriaId": "400AD564-BDEC-4C81-B650-56357BEBF0C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.2",
"matchCriteriaId": "7A9F3F63-6BF8-4DD5-97FD-D9C90A62ECB0"
}
]
}
@ -85,7 +111,11 @@
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/11/15/1",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213530",
@ -113,19 +143,31 @@
},
{
"url": "https://support.apple.com/kb/HT213531",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213535",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213536",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213676",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-0562",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-01-28T23:15:08.810",
"lastModified": "2023-11-14T22:28:17.220",
"vulnStatus": "Modified",
"lastModified": "2023-12-28T14:42:15.407",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -121,8 +121,7 @@
"url": "https://vuldb.com/?ctiid.219716",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
"Permissions Required"
]
},
{


@ -2,8 +2,8 @@
"id": "CVE-2023-0563",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-01-28T23:15:08.897",
"lastModified": "2023-11-14T22:28:17.220",
"vulnStatus": "Modified",
"lastModified": "2023-12-28T14:43:54.757",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -121,8 +121,7 @@
"url": "https://vuldb.com/?ctiid.219717",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
"Permissions Required"
]
},
{


@ -2,8 +2,8 @@
"id": "CVE-2023-27074",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-14T15:15:12.377",
"lastModified": "2023-11-14T21:58:08.407",
"vulnStatus": "Modified",
"lastModified": "2023-12-28T14:48:38.350",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -66,7 +66,10 @@
"references": [
{
"url": "https://github.com/bhaveshkush007/CVEs/blob/main/CVE-2023-27074.txt",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://phpgurukul.com/bp-monitoring-management-system-using-php-and-mysql/",


@ -2,16 +2,40 @@
"id": "CVE-2023-29102",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-20T19:15:08.560",
"lastModified": "2023-12-20T19:52:34.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T13:44:22.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Olive Themes Olive One Click Demo Import.This issue affects Olive One Click Demo Import: from n/a through 1.1.1.\n\n"
},
{
"lang": "es",
"value": "Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en Olive Themes Olive One Click Demo Import. Este problema afecta a Olive One Click Demo Import: desde n/a hasta 1.1.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:olivethemes:olive_one_click_demo_import:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.1",
"matchCriteriaId": "9E59364C-B06F-408F-B78C-D266922DF4F6"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/olive-one-click-demo-import/wordpress-olive-one-click-demo-import-plugin-1-0-9-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-29384",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-20T19:15:08.740",
"lastModified": "2023-12-20T19:52:34.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T13:34:45.667",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin \u2013 JobWP.This issue affects WordPress Job Board and Recruitment Plugin \u2013 JobWP: from n/a through 2.0.\n\n"
},
{
"lang": "es",
"value": "Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en HM Plugin WordPress Job Board and Recruitment Plugin \u2013 JobWP. Este problema afecta a WordPress Job Board y Recruitment Plugin \u2013 JobWP: desde n/a hasta 2.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hmplugin:jobwp:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.0",
"matchCriteriaId": "86891660-B08C-4FAE-9FD4-99F5440D969E"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/jobwp/wordpress-job-board-and-recruitment-plugin-jobwp-plugin-2-0-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-31215",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-20T19:15:08.930",
"lastModified": "2023-12-20T19:52:34.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T13:32:56.443",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in AmaderCode Lab Dropshipping & Affiliation with Amazon.This issue affects Dropshipping & Affiliation with Amazon: from n/a through 2.1.2.\n\n"
},
{
"lang": "es",
"value": "Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en AmaderCode Lab Dropshipping & Affiliation with Amazon. Este problema afecta a Dropshipping & Affiliation with Amazon: desde n/a hasta 2.1.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amadercode:dropshipping_\\&_affiliation_with_amazon:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1.2",
"matchCriteriaId": "D95065AF-EF1B-4CB5-9DF1-095037381F1F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-amazon-shop/wordpress-dropshipping-affiliation-with-amazon-plugin-2-1-2-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-33222",
"sourceIdentifier": "a87f365f-9d39-4848-9b3a-58c7cae69cab",
"published": "2023-12-15T12:15:44.130",
"lastModified": "2023-12-15T13:41:51.403",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T14:58:34.140",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\n\n\n\n\nWhen handling contactless cards, usage of a specific function to get additional information from the card which doesn't \ncheck the boundary on the data received while reading. This allows a stack-based buffer overflow that could lead to a \npotential Remote Code Execution on the targeted device\n\n\n\n\n\n\n\n"
},
{
"lang": "es",
"value": "Al manejar tarjetas sin contacto, se utiliza una funci\u00f3n espec\u00edfica para obtener informaci\u00f3n adicional de la tarjeta que no verifica el l\u00edmite de los datos recibidos durante la lectura. Esto permite un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria que podr\u00eda provocar una posible ejecuci\u00f3n remota de c\u00f3digo en el dispositivo de destino."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "a87f365f-9d39-4848-9b3a-58c7cae69cab",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "a87f365f-9d39-4848-9b3a-58c7cae69cab",
"type": "Secondary",
@ -46,10 +80,239 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:idemia:sigma_lite_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.15.5",
"matchCriteriaId": "983A7DAD-1995-4A8A-8714-D47D4E90ABF2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:idemia:sigma_lite:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2F8847F-E51A-4A64-A2D4-FCDD193E7AFA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:idemia:sigma_lite\\+_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.15.5",
"matchCriteriaId": "A2582E12-D19F-4660-A98C-6941C8C9081D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:idemia:sigma_lite\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB49653-25EA-4F69-A1B7-0ACA58F85FF1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:idemia:sigma_extreme_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.15.5",
"matchCriteriaId": "865DE0C9-5384-45BD-AF81-5C416FCB962A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:idemia:sigma_extreme:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB05B6D-7D4C-4148-A05A-751B272B0E25"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:idemia:sigma_wide_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.15.5",
"matchCriteriaId": "8E2D74C2-6C83-4111-B410-E81C7414309B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:idemia:sigma_wide:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE86F813-6021-4FEB-86A9-B7013EEB4416"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:idemia:morphowave_compact_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.12.2",
"matchCriteriaId": "8BDA2ED3-4875-45EB-8489-8C6B8F44EF2A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:idemia:morphowave_compact:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B36E662E-C713-47E5-B07E-F0D9F1C63E9D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:idemia:morphowave_xp_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.12.2",
"matchCriteriaId": "AEAD097B-E5A8-492F-9ABB-75D5D15A8F9F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:idemia:morphowave_xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FA7252B-5871-4A13-B41D-752A5EA276F1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:idemia:visionpass_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.12.2",
"matchCriteriaId": "1ED8DCF7-F85C-4513-BF69-5FE2D7185A96"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:idemia:visionpass:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDABE653-294E-478C-B458-F9A1206A0E7E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:idemia:morphowave_sp_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.7",
"matchCriteriaId": "BF554F0F-8E5D-40A2-A676-8984AB685CEE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:idemia:morphowave_sp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD369B0-119B-497B-9353-AB5E5E267FF9"
}
]
}
]
}
],
"references": [
{
"url": "https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf",
"source": "a87f365f-9d39-4848-9b3a-58c7cae69cab"
"source": "a87f365f-9d39-4848-9b3a-58c7cae69cab",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-33318",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-20T19:15:09.337",
"lastModified": "2023-12-20T19:52:34.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T13:32:14.973",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.40.\n\n"
},
{
"lang": "es",
"value": "Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en WooCommerce AutomateWoo. Este problema afecta a AutomateWoo: desde n/a hasta 4.9.40."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:woocommerce:automatewoo:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.9.40",
"matchCriteriaId": "05155BDD-70A6-4927-A937-4D9BBC42961B"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woocommerce-follow-up-emails/wordpress-woocommerce-follow-up-emails-plugin-4-9-40-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-33951",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-24T16:15:11.820",
"lastModified": "2023-11-14T21:15:09.050",
"vulnStatus": "Modified",
"lastModified": "2023-12-28T14:39:09.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -112,6 +112,16 @@
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5487EF77-D23A-4CC0-851C-E330B4485D8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "782C86CD-1B68-410A-A096-E5170AD24DA2"
}
]
}
@ -121,15 +131,24 @@
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:6583",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:6901",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7077",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-33951",


@ -2,8 +2,8 @@
"id": "CVE-2023-33952",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-24T16:15:11.893",
"lastModified": "2023-11-14T21:15:09.150",
"vulnStatus": "Modified",
"lastModified": "2023-12-28T14:39:16.187",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -108,6 +108,16 @@
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5487EF77-D23A-4CC0-851C-E330B4485D8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "782C86CD-1B68-410A-A096-E5170AD24DA2"
}
]
}
@ -117,15 +127,24 @@
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:6583",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:6901",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7077",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-33952",


@ -2,16 +2,40 @@
"id": "CVE-2023-34007",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-20T19:15:09.523",
"lastModified": "2023-12-20T19:52:34.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T13:31:11.177",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.8.3.\n\n"
},
{
"lang": "es",
"value": "Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en WPChill Download Monitor. Este problema afecta a Download Monitor: desde n/a hasta 4.8.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpchill:download_monitor:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.8.3",
"matchCriteriaId": "853950B1-BEEB-43E6-BF5B-9189816A4CB4"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/download-monitor/wordpress-download-monitor-plugin-4-8-3-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-34968",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-20T15:15:11.540",
"lastModified": "2023-11-14T21:15:09.513",
"vulnStatus": "Modified",
"lastModified": "2023-12-28T14:38:56.397",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -103,6 +103,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
@ -136,16 +141,42 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:6667",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7139",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-34968",
@ -171,15 +202,24 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230731-0010/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5477",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.samba.org/samba/security/CVE-2023-34968.html",


@ -2,8 +2,8 @@
"id": "CVE-2023-36942",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-27T20:15:10.027",
"lastModified": "2023-11-14T21:06:31.947",
"vulnStatus": "Modified",
"lastModified": "2023-12-28T14:36:28.463",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -66,7 +66,10 @@
"references": [
{
"url": "https://medium.com/%40ridheshgohil1092/cve-2023-36942-xss-on-online-fire-reporting-system-v-1-2-19357e54978c",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://packetstormsecurity.com",


@ -2,8 +2,8 @@
"id": "CVE-2023-3772",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-25T16:15:11.660",
"lastModified": "2023-11-14T20:15:07.703",
"vulnStatus": "Modified",
"lastModified": "2023-12-28T14:35:56.913",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -92,6 +92,16 @@
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5487EF77-D23A-4CC0-851C-E330B4485D8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "782C86CD-1B68-410A-A096-E5170AD24DA2"
}
]
}
@ -168,15 +178,24 @@
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:6583",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:6901",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7077",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3772",


@ -2,8 +2,8 @@
"id": "CVE-2023-39551",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-04T19:15:10.390",
"lastModified": "2023-11-14T22:21:38.423",
"vulnStatus": "Modified",
"lastModified": "2023-12-28T14:38:04.070",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -74,15 +74,25 @@
},
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39551",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.chtsecurity.com/news/0dbe8e1d-0a6c-4604-9cf1-778ddc86a8c1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.chtsecurity.com/news/285b9375-ba65-4f61-a02a-a575337dc86c",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-4132",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-08-03T15:15:32.833",
"lastModified": "2023-11-14T20:15:09.050",
"vulnStatus": "Modified",
"lastModified": "2023-12-28T14:36:33.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -103,6 +103,16 @@
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5487EF77-D23A-4CC0-851C-E330B4485D8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "782C86CD-1B68-410A-A096-E5170AD24DA2"
}
]
}
@ -152,11 +162,17 @@
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:6901",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7077",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4132",


@ -2,8 +2,8 @@
"id": "CVE-2023-4522",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-08-30T08:15:52.673",
"lastModified": "2023-11-15T12:15:06.860",
"vulnStatus": "Modified",
"lastModified": "2023-12-28T14:50:15.647",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -86,8 +86,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.2.0",
"matchCriteriaId": "32A94716-6633-4771-820E-C405D5FC9B45"
"versionEndExcluding": "16.2.0",
"matchCriteriaId": "9083DA3B-05EC-402A-9942-0C83766A1AEB"
}
]
}
@ -99,7 +99,7 @@
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/406817",
"source": "cve@gitlab.com",
"tags": [
"Broken Link"
"Exploit"
]
},
{


@ -2,16 +2,40 @@
"id": "CVE-2023-46149",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-20T19:15:10.310",
"lastModified": "2023-12-20T19:52:34.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T13:44:32.593",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Ultra.This issue affects Themify Ultra: from n/a through 7.3.5.\n\n"
},
{
"lang": "es",
"value": "Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en Themify Themify Ultra. Este problema afecta a Themify Ultra: desde n/a hasta 7.3.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:themify:ultra:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "7.3.5",
"matchCriteriaId": "58FACD73-47B0-46DE-B1EE-6D8DC7C0949E"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/themify-ultra/wordpress-themify-ultra-theme-7-3-3-authenticated-unrestricted-zip-extraction-lead-to-rce-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-47265",
"sourceIdentifier": "security@apache.org",
"published": "2023-12-21T10:15:35.713",
"lastModified": "2023-12-21T15:15:09.020",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T14:00:15.887",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Apache Airflow, desde versiones 2.6.0 a 2.7.3, tiene una vulnerabilidad de XSS almacenado que permite a un autor de DAG agregar un javascript ilimitado y no sanitizado en el campo de descripci\u00f3n de par\u00e1metros del DAG. Este Javascript se puede ejecutar en el lado del cliente de cualquiera de los usuarios que mira las tareas en la sandbox del navegador. Si bien este problema no permite salir de la sandbox del navegador ni manipular los datos del lado del servidor (m\u00e1s de los que el autor del DAG ya tiene, permite modificar lo que el usuario que mira los detalles del DAG ve en el navegador), lo que abre todo tipo de problemas de posibilidades de enga\u00f1ar a otros usuarios. Se recomienda a los usuarios de Apache Airflow actualizar a la versi\u00f3n 2.8.0 o posterior para mitigar el riesgo asociado con esta vulnerabilidad."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -27,18 +50,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionEndIncluding": "2.7.3",
"matchCriteriaId": "0A643237-EF0F-402D-9188-307B0C74FC37"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/12/21/2",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/apache/airflow/pull/35460",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread/128f3zl375vb1qv93k82zhnwkpl233pr",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-48291",
"sourceIdentifier": "security@apache.org",
"published": "2023-12-21T10:15:36.043",
"lastModified": "2023-12-21T15:15:09.747",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T13:52:59.233",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Apache Airflow, en versiones anteriores a la 2.8.0, contiene una vulnerabilidad de seguridad que permite a un usuario autenticado con acceso limitado a algunos DAG crear una solicitud que podr\u00eda darle al usuario acceso de escritura a varios recursos de DAG para los DAG a los que el usuario no ten\u00eda acceso. para, por lo tanto, permitir al usuario borrar DAG que no deber\u00eda. Esta es una soluci\u00f3n que falta para CVE-2023-42792 en Apache Airflow 2.7.2. Se recomienda encarecidamente a los usuarios de Apache Airflow que actualicen a la versi\u00f3n 2.8.0 o posterior para mitigar el riesgo asociado con esta vulnerabilidad."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -27,18 +50,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.8.0",
"matchCriteriaId": "4677EF1A-E179-48BF-98C7-EACB269B0BDD"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/12/21/1",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/apache/airflow/pull/34366",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread/3nl0h014274yjlt1hd02z0q78ftyz0z3",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-49920",
"sourceIdentifier": "security@apache.org",
"published": "2023-12-21T10:15:36.330",
"lastModified": "2023-12-21T15:15:09.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T13:49:22.483",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Apache Airflow, desde versi\u00f3n 2.7.0 a 2.7.3, tiene una vulnerabilidad que permite a un atacante activar un DAG en una solicitud GET sin validaci\u00f3n CSRF. Como resultado, era posible que un sitio web malicioso abierto en el mismo navegador (por el usuario que tambi\u00e9n ten\u00eda abierta la interfaz de usuario de Airflow) desencadenara la ejecuci\u00f3n de DAG sin el consentimiento del usuario. Se recomienda a los usuarios que actualicen a la versi\u00f3n 2.8.0 o posterior, que no se ve afectada."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -27,18 +50,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndIncluding": "2.7.3",
"matchCriteriaId": "122817C2-2AA2-4D75-85C1-CDC07B9531A8"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/12/21/3",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/apache/airflow/pull/36026",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread/mnwd2vcfw3gms6ft6kl951vfbqrxsnjq",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-50783",
"sourceIdentifier": "security@apache.org",
"published": "2023-12-21T10:15:36.607",
"lastModified": "2023-12-21T15:15:10.860",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T13:45:11.130",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Apache Airflow, en versiones anteriores a 2.8.0, se ve afectado por una vulnerabilidad que permite a un usuario autenticado sin el permiso de edici\u00f3n de variables actualizar una variable. Este fallo compromete la integridad de la gesti\u00f3n de variables, lo que podr\u00eda provocar modificaciones de datos no autorizadas. Se recomienda a los usuarios actualizar a 2.8.0, que soluciona este problema"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -27,18 +50,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.8.0",
"matchCriteriaId": "4677EF1A-E179-48BF-98C7-EACB269B0BDD"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/12/21/4",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/apache/airflow/pull/33932",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread/rs7cr3yp726mb89s1m844hy9pq7frgcn",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-7051",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-21T22:15:15.773",
"lastModified": "2023-12-22T12:18:32.690",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T14:01:04.813",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpgurukul:online_notes_sharing_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F13021B-DBB9-4471-BD20-7DAA03BB1981"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_delete_notes.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.248738",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.248738",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-7052",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-22T01:15:12.323",
"lastModified": "2023-12-22T12:18:32.690",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T14:01:27.227",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpgurukul:online_notes_sharing_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F13021B-DBB9-4471-BD20-7DAA03BB1981"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_profile_notes.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.248739",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.248739",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-7053",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-22T02:15:43.213",
"lastModified": "2023-12-22T12:18:32.690",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T14:02:30.227",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpgurukul:online_notes_sharing_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F13021B-DBB9-4471-BD20-7DAA03BB1981"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/note_weakpass.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.248740",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.248740",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-7054",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-22T02:15:43.453",
"lastModified": "2023-12-22T12:18:32.690",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T14:09:37.753",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -65,8 +85,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -75,18 +105,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpgurukul:online_notes_sharing_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F13021B-DBB9-4471-BD20-7DAA03BB1981"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/notes_malicious_fileupload.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.248741",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.248741",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-7055",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-22T03:15:09.790",
"lastModified": "2023-12-22T12:18:32.690",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T14:11:05.570",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -64,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +105,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpgurukul:online_notes_sharing_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F13021B-DBB9-4471-BD20-7DAA03BB1981"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/notes_parameter_tampering.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.248742",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.248742",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-7056",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-22T03:15:10.020",
"lastModified": "2023-12-22T12:18:32.690",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T14:14:49.117",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:carmelogarcia:faculty_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA917DA-4616-4066-91A4-AB48022B2D78"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1XDGcSRytGV11YWuhIuW_4GvD7kEpgjZT/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.248743",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.248743",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-7057",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-22T04:15:09.443",
"lastModified": "2023-12-22T12:18:32.690",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T14:14:38.083",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:carmelogarcia:faculty_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA917DA-4616-4066-91A4-AB48022B2D78"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1s2kLMjnUvlrD_XocoDl3-ABrWYTo5Azd/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.248744",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.248744",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-7058",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-22T05:15:13.860",
"lastModified": "2023-12-22T12:18:32.690",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T14:15:04.563",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:simple_student_attendance_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0907D49A-D649-42A3-BE96-A1EB234C6859"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/laoquanshi/Simple-Student-Attendance-System",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.248749",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.248749",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-7059",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-22T05:15:14.323",
"lastModified": "2023-12-22T12:18:32.690",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-28T14:15:58.007",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:remyandrade:school_visitor_log_e-book:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71208704-0CD7-4C0B-B373-FA62E9AB9AB3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/will121351/wenqin.webray.com.cn/blob/main/CVE-project/school-visitors-log-e-book.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.248750",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.248750",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -0,0 +1,88 @@
{
"id": "CVE-2023-7126",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-28T14:15:44.660",
"lastModified": "2023-12-28T14:15:44.660",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in code-projects Automated Voting System 1.0. This affects an unknown part of the file /admin/ of the component Admin Login. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-249129 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/h4md153v63n/CVEs/blob/main/Automated_Voting_System/Automated_Voting_System-SQL_Injection-1.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.249129",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.249129",
"source": "cna@vuldb.com"
}
]
}


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-12-28T13:00:24.256310+00:00
2023-12-28T15:00:24.769192+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-12-28T12:15:43.953000+00:00
2023-12-28T14:58:34.140000+00:00
```
### Last Data Feed Release
@ -29,37 +29,45 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
234340
234341
```
### CVEs added in the last Commit
Recently added CVEs: `18`
Recently added CVEs: `1`
* [CVE-2023-27447](CVE-2023/CVE-2023-274xx/CVE-2023-27447.json) (`2023-12-28T11:15:07.973`)
* [CVE-2023-32513](CVE-2023/CVE-2023-325xx/CVE-2023-32513.json) (`2023-12-28T11:15:08.590`)
* [CVE-2023-32795](CVE-2023/CVE-2023-327xx/CVE-2023-32795.json) (`2023-12-28T11:15:08.833`)
* [CVE-2023-36381](CVE-2023/CVE-2023-363xx/CVE-2023-36381.json) (`2023-12-28T11:15:09.067`)
* [CVE-2023-50836](CVE-2023/CVE-2023-508xx/CVE-2023-50836.json) (`2023-12-28T11:15:09.333`)
* [CVE-2023-50856](CVE-2023/CVE-2023-508xx/CVE-2023-50856.json) (`2023-12-28T11:15:09.560`)
* [CVE-2023-50857](CVE-2023/CVE-2023-508xx/CVE-2023-50857.json) (`2023-12-28T11:15:09.900`)
* [CVE-2023-50858](CVE-2023/CVE-2023-508xx/CVE-2023-50858.json) (`2023-12-28T11:15:10.120`)
* [CVE-2023-50859](CVE-2023/CVE-2023-508xx/CVE-2023-50859.json) (`2023-12-28T11:15:10.357`)
* [CVE-2023-50860](CVE-2023/CVE-2023-508xx/CVE-2023-50860.json) (`2023-12-28T11:15:10.573`)
* [CVE-2023-50873](CVE-2023/CVE-2023-508xx/CVE-2023-50873.json) (`2023-12-28T11:15:10.797`)
* [CVE-2023-50848](CVE-2023/CVE-2023-508xx/CVE-2023-50848.json) (`2023-12-28T12:15:42.750`)
* [CVE-2023-50849](CVE-2023/CVE-2023-508xx/CVE-2023-50849.json) (`2023-12-28T12:15:42.997`)
* [CVE-2023-50851](CVE-2023/CVE-2023-508xx/CVE-2023-50851.json) (`2023-12-28T12:15:43.193`)
* [CVE-2023-50852](CVE-2023/CVE-2023-508xx/CVE-2023-50852.json) (`2023-12-28T12:15:43.390`)
* [CVE-2023-50853](CVE-2023/CVE-2023-508xx/CVE-2023-50853.json) (`2023-12-28T12:15:43.577`)
* [CVE-2023-50854](CVE-2023/CVE-2023-508xx/CVE-2023-50854.json) (`2023-12-28T12:15:43.767`)
* [CVE-2023-50855](CVE-2023/CVE-2023-508xx/CVE-2023-50855.json) (`2023-12-28T12:15:43.953`)
* [CVE-2023-7126](CVE-2023/CVE-2023-71xx/CVE-2023-7126.json) (`2023-12-28T14:15:44.660`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `32`
* [CVE-2023-50783](CVE-2023/CVE-2023-507xx/CVE-2023-50783.json) (`2023-12-28T13:45:11.130`)
* [CVE-2023-49920](CVE-2023/CVE-2023-499xx/CVE-2023-49920.json) (`2023-12-28T13:49:22.483`)
* [CVE-2023-48291](CVE-2023/CVE-2023-482xx/CVE-2023-48291.json) (`2023-12-28T13:52:59.233`)
* [CVE-2023-47265](CVE-2023/CVE-2023-472xx/CVE-2023-47265.json) (`2023-12-28T14:00:15.887`)
* [CVE-2023-7051](CVE-2023/CVE-2023-70xx/CVE-2023-7051.json) (`2023-12-28T14:01:04.813`)
* [CVE-2023-7052](CVE-2023/CVE-2023-70xx/CVE-2023-7052.json) (`2023-12-28T14:01:27.227`)
* [CVE-2023-7053](CVE-2023/CVE-2023-70xx/CVE-2023-7053.json) (`2023-12-28T14:02:30.227`)
* [CVE-2023-7054](CVE-2023/CVE-2023-70xx/CVE-2023-7054.json) (`2023-12-28T14:09:37.753`)
* [CVE-2023-7055](CVE-2023/CVE-2023-70xx/CVE-2023-7055.json) (`2023-12-28T14:11:05.570`)
* [CVE-2023-7057](CVE-2023/CVE-2023-70xx/CVE-2023-7057.json) (`2023-12-28T14:14:38.083`)
* [CVE-2023-7056](CVE-2023/CVE-2023-70xx/CVE-2023-7056.json) (`2023-12-28T14:14:49.117`)
* [CVE-2023-7058](CVE-2023/CVE-2023-70xx/CVE-2023-7058.json) (`2023-12-28T14:15:04.563`)
* [CVE-2023-7059](CVE-2023/CVE-2023-70xx/CVE-2023-7059.json) (`2023-12-28T14:15:58.007`)
* [CVE-2023-3772](CVE-2023/CVE-2023-37xx/CVE-2023-3772.json) (`2023-12-28T14:35:56.913`)
* [CVE-2023-36942](CVE-2023/CVE-2023-369xx/CVE-2023-36942.json) (`2023-12-28T14:36:28.463`)
* [CVE-2023-4132](CVE-2023/CVE-2023-41xx/CVE-2023-4132.json) (`2023-12-28T14:36:33.327`)
* [CVE-2023-39551](CVE-2023/CVE-2023-395xx/CVE-2023-39551.json) (`2023-12-28T14:38:04.070`)
* [CVE-2023-34968](CVE-2023/CVE-2023-349xx/CVE-2023-34968.json) (`2023-12-28T14:38:56.397`)
* [CVE-2023-33951](CVE-2023/CVE-2023-339xx/CVE-2023-33951.json) (`2023-12-28T14:39:09.287`)
* [CVE-2023-33952](CVE-2023/CVE-2023-339xx/CVE-2023-33952.json) (`2023-12-28T14:39:16.187`)
* [CVE-2023-0562](CVE-2023/CVE-2023-05xx/CVE-2023-0562.json) (`2023-12-28T14:42:15.407`)
* [CVE-2023-0563](CVE-2023/CVE-2023-05xx/CVE-2023-0563.json) (`2023-12-28T14:43:54.757`)
* [CVE-2023-27074](CVE-2023/CVE-2023-270xx/CVE-2023-27074.json) (`2023-12-28T14:48:38.350`)
* [CVE-2023-4522](CVE-2023/CVE-2023-45xx/CVE-2023-4522.json) (`2023-12-28T14:50:15.647`)
* [CVE-2023-33222](CVE-2023/CVE-2023-332xx/CVE-2023-33222.json) (`2023-12-28T14:58:34.140`)
## Download and Usage